Published: 30/04/2021 Updated: 07/11/2023

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

An issue exists in klibc prior to 2.0.9. Additions in the malloc() function may result in an integer overflow and a subsequent heap buffer overflow.

Vulnerable Product	Search on Vulmon	Subscribe to Product
klibc project klibc
debian debian linux 9.0

Debian Bug report logs - #989505 Multiple security issues (CVE-2021-31870, CVE-2021-31871, CVE-2021-31872, CVE-2021-31873) Package: src:klibc; Maintainer for src:klibc is Debian Kernel Team <debian-kernel@listsdebianorg>; Reported by: Ben Hutchings <ben@decadentorguk> Date: Sat, 5 Jun 2021 18:18:01 UTC Severity: ...

Several security issues were fixed in klibc ...

oss-sec mailing list archives   By Date By Thread </form>    [ANNOUNCE] klibc 209   From: Ben Hutchings <ben () decadent org uk&g ...

CWE-190 https://kernel.org/pub/linux/libs/klibc/2.0/https://lists.zytor.com/archives/klibc/2021-April/004593.html https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=a31ae8c508fc8d1bca4f57e9f9f88127572d5202 http://www.openwall.com/lists/oss-security/2021/04/30/1 https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html https://github.com/huolinjue/klibc/commit/a31ae8c508fc8d1bca4f57e9f9f88127572d5202 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989505 https://ubuntu.com/security/notices/USN-5379-1 https://nvd.nist.gov

CVE-2021-31873

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Mailing Lists

References

Vulmon Search

About

Products

Connect